TLS Handshake Packet Analysis
Using Wireshark, I analyzed how the handshake process I studied earlier actually takes place.
The analysis is as follows.
Client : sends Client Hello
* Format
Content Type(handshake : 22) | version | length | handshake type (client hello : 1) | length | version | gmt_unix_time | random_bytes | session id length | cipher suites length | cipher suites | compression methods length | compression methods
Server : sends Server Hello
* Format
Content Type(handshake : 22) | version | length | handshake type (Server hello : 2) | length | version | gmt_unix_time | random bytes | session_id length | session ID | cipher suite | compression method |
Server : sends Certificate
* Format
Content Type (handshake: 22) | version | length | handshake type (certificate) | length | certificates length | certificates |
Server : sends Server hello done
* Format
Content Type (handshake: 22) | version | length | handshake type (server hello done) | length
Client : sends Client key exchange
* Format
Content Type (handshake: 22) | version | length | handshake type (client key exchange) | length |
Client : sends Change cipher spec
* Format
Content Type (Change cipher spec) | version | length | change cipher spec message
Client : sends Finished
* Format
Content Type (handshake : 22) | version | length | handshake protocol : Finished
Server : sends Change cipher spec
* Format
Content Type (Change cipher spec) | version | length | change cipher spec message
Server : sends Finished
* Format
Content Type (handshake : 22) | version | length | handshake protocol : Finished
Server : sends Alert message
* Format
Content Type (Alert) | version | length | alert message
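
The record header (Content Type | version | length) shared by every message above, and the Client Hello fields in the order listed, can be walked in code. This is an added example, not part of the original notes. The function names and the sample bytes are constructed for illustration, and the session ID bytes that follow the session id length are read as well.

```python
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake"}

def parse_records(data):
    """Split a byte stream into records: content type | version | length | body."""
    records, off = [], 0
    while off < len(data):
        if len(data) - off < 5:
            raise ValueError("truncated record header")
        ctype, version, length = struct.unpack_from("!BHH", data, off)
        body = data[off + 5:off + 5 + length]
        if len(body) != length:
            raise ValueError("record shorter than its length field")
        records.append((CONTENT_TYPES.get(ctype, ctype), version, body))
        off += 5 + length
    return records

def parse_client_hello(body):
    """Walk the Client Hello fields in the order listed in the notes."""
    hs_type, hs_len = body[0], int.from_bytes(body[1:4], "big")
    if hs_type != 1 or hs_len > len(body) - 4:
        raise ValueError("not a complete client hello")
    version, gmt_unix_time = struct.unpack_from("!HI", body, 4)
    random_bytes, off = body[10:38], 38
    sid_len = body[off]
    session_id = body[off + 1:off + 1 + sid_len]
    off += 1 + sid_len
    (cs_len,) = struct.unpack_from("!H", body, off)
    suites = [int.from_bytes(body[i:i + 2], "big")
              for i in range(off + 2, off + 2 + cs_len, 2)]
    off += 2 + cs_len
    compression = list(body[off + 1:off + 1 + body[off]])
    return {"version": version, "gmt_unix_time": gmt_unix_time,
            "random_bytes": random_bytes, "session_id": session_id,
            "cipher_suites": suites, "compression_methods": compression}

def build_sample():
    """Constructed bytes (not a real capture): Client Hello, then Change Cipher Spec."""
    hello = struct.pack("!HI", 0x0303, 1700000000) + bytes(range(28))
    hello += b"\x00" + struct.pack("!H", 4) + b"\x00\x2f\x00\x35" + b"\x01\x00"
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    record = struct.pack("!BHH", 22, 0x0301, len(handshake)) + handshake
    return record + struct.pack("!BHH", 20, 0x0303, 1) + b"\x01"

if __name__ == "__main__":
    for name, version, body in parse_records(build_sample()):
        print(name, hex(version), len(body))
    print(parse_client_hello(parse_records(build_sample())[0][2]))
```

The length checks matter when reading captures: a record whose length field exceeds the bytes available is rejected instead of being parsed past the end of the buffer.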